<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>DefaultResourceSetService.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">UMA Server Library</a> > <a href="index.source.html" class="el_package">org.mitre.uma.service.impl</a> > <span class="el_source">DefaultResourceSetService.java</span></div><h1>DefaultResourceSetService.java</h1><pre class="source lang-java linenums">/******************************************************************************* * Copyright 2018 The MIT Internet Trust Consortium * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. *******************************************************************************/ package org.mitre.uma.service.impl; import java.util.Collection; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.mitre.oauth2.repository.OAuth2TokenRepository; import org.mitre.uma.model.PermissionTicket; import org.mitre.uma.model.Policy; import org.mitre.uma.model.ResourceSet; import org.mitre.uma.repository.PermissionRepository; import org.mitre.uma.repository.ResourceSetRepository; import org.mitre.uma.service.ResourceSetService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Primary; import org.springframework.stereotype.Service; /** * @author jricher * */ @Service @Primary <span class="fc" id="L42">public class DefaultResourceSetService implements ResourceSetService {</span> <span class="fc" id="L44"> private static final Logger logger = LoggerFactory.getLogger(DefaultResourceSetService.class);</span> @Autowired private ResourceSetRepository repository; @Autowired private OAuth2TokenRepository tokenRepository; @Autowired private PermissionRepository ticketRepository; @Override public ResourceSet saveNew(ResourceSet rs) { <span class="pc bpc" id="L58" title="1 of 2 branches missed."> if (rs.getId() != null) {</span> <span class="fc" id="L59"> throw new IllegalArgumentException("Can't save a new resource set with an ID already set to it.");</span> } <span class="nc bnc" id="L62" title="All 2 branches missed."> if (!checkScopeConsistency(rs)) {</span> <span class="nc" id="L63"> throw new IllegalArgumentException("Can't save a resource set with inconsistent claims.");</span> } <span class="nc" id="L66"> ResourceSet saved = repository.save(rs);</span> <span class="nc" id="L68"> return saved;</span> } @Override public ResourceSet getById(Long id) { <span class="nc" id="L74"> return repository.getById(id);</span> } @Override public ResourceSet update(ResourceSet oldRs, ResourceSet newRs) { <span class="fc bfc" id="L80" title="All 4 branches covered."> if (oldRs.getId() == null || newRs.getId() == null</span> <span class="pc bpc" id="L81" title="1 of 2 branches missed."> || !oldRs.getId().equals(newRs.getId())) {</span> <span class="fc" id="L83"> throw new IllegalArgumentException("Resource set IDs mismatched");</span> } <span class="nc bnc" id="L87" title="All 2 branches missed."> if (!checkScopeConsistency(newRs)) {</span> <span class="nc" id="L88"> throw new IllegalArgumentException("Can't save a resource set with inconsistent claims.");</span> } <span class="nc" id="L91"> newRs.setOwner(oldRs.getOwner()); // preserve the owner tag across updates</span> <span class="nc" id="L92"> newRs.setClientId(oldRs.getClientId()); // preserve the client id across updates</span> <span class="nc" id="L94"> ResourceSet saved = repository.save(newRs);</span> <span class="nc" id="L96"> return saved;</span> } @Override public void remove(ResourceSet rs) { // find all the access tokens issued against this resource set and revoke them <span class="nc" id="L103"> Collection<OAuth2AccessTokenEntity> tokens = tokenRepository.getAccessTokensForResourceSet(rs);</span> <span class="nc bnc" id="L104" title="All 2 branches missed."> for (OAuth2AccessTokenEntity token : tokens) {</span> <span class="nc" id="L105"> tokenRepository.removeAccessToken(token);</span> <span class="nc" id="L106"> }</span> // find all outstanding tickets issued against this resource set and revoke them too <span class="nc" id="L109"> Collection<PermissionTicket> tickets = ticketRepository.getPermissionTicketsForResourceSet(rs);</span> <span class="nc bnc" id="L110" title="All 2 branches missed."> for (PermissionTicket ticket : tickets) {</span> <span class="nc" id="L111"> ticketRepository.remove(ticket);</span> <span class="nc" id="L112"> }</span> <span class="nc" id="L114"> repository.remove(rs);</span> <span class="nc" id="L115"> }</span> @Override public Collection<ResourceSet> getAllForOwner(String owner) { <span class="nc" id="L119"> return repository.getAllForOwner(owner);</span> } @Override public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String clientId) { <span class="nc" id="L124"> return repository.getAllForOwnerAndClient(owner, clientId);</span> } private boolean checkScopeConsistency(ResourceSet rs) { <span class="nc bnc" id="L128" title="All 2 branches missed."> if (rs.getPolicies() == null) {</span> // nothing to check, no problem! <span class="nc" id="L130"> return true;</span> } <span class="nc bnc" id="L132" title="All 2 branches missed."> for (Policy policy : rs.getPolicies()) {</span> <span class="nc bnc" id="L133" title="All 2 branches missed."> if (!rs.getScopes().containsAll(policy.getScopes())) {</span> <span class="nc" id="L134"> return false;</span> } <span class="nc" id="L136"> }</span> // we've checked everything, we're good <span class="nc" id="L138"> return true;</span> } /* (non-Javadoc) * @see org.mitre.uma.service.ResourceSetService#getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity) */ @Override public Collection<ResourceSet> getAllForClient(ClientDetailsEntity client) { <span class="nc" id="L146"> return repository.getAllForClient(client.getClientId());</span> } } </pre><div class="footer"><span class="right">Created with <a href="http://www.jacoco.org/jacoco">JaCoCo</a> 0.7.9.201702052155</span></div></body></html>